EncFSBase64.decodeEncfs() crashes on bad input

mrpdaemon / encfs-java

encfs-java is a Java library for accessing data in EncFS volumes

GNU Lesser General Public License v3.0

42 stars 15 forks source link

EncFSBase64.decodeEncfs() crashes on bad input #53

Closed mrpdaemon closed 11 years ago

mrpdaemon commented 11 years ago

Seeing this:

Caused by: java.lang.ArrayIndexOutOfBoundsException: length=257; index=-61 at org.mrpdaemon.sec.encfs.EncFSBase64.decodeEncfs(EncFSBase64.java:1452) at org.mrpdaemon.sec.encfs.EncFSCrypto.decodeName(EncFSCrypto.java:755) at org.mrpdaemon.sec.encfs.EncFSFile.listFiles(EncFSFile.java:242)

Need to harden EncFSBase64.decodeEncfs() against negative byte values.

mrpdaemon commented 11 years ago

Fixed at 50c4ca3b3fa3472b09617058908b5a6e5e8f934e